Please login here to save this document to a list.
If you don't have an account, you can register for free here.
ALL FEES INCLUDED
|Add to Cart|
BENEFITS OF DOCUMENT
This Cloud Security and Risk Standards Self Assessment helps you diagnose and address the following issues and questions:
IDS/IPS traffic pattern analysis can often detect or block attacks such as a denial-of-service attack or a network scan. However, in some cases this is legitimate traffic (such as using cloud infrastructure for load testing or security testing). Does the cloud provider have a documented exception process for allowing legitimate traffic that the IDS/IPS flags as an attack pattern?
It is clear that the CSP will face a large number of requests from its customers to prove that the CSP is secure and reliable. There a number of audit and compliance considerations for both the CSP and the customer to consider in cloud computing. First, which compliance framework should a CSP adopt to satisfy its customers and manage its own risks?
In addition to the security of your own customer data, customers should also be concerned about what data the provider collects and how the CSP protects that data. Specifically with regard to your customer data, what metadata does the provider have about your data, how is it secured, and what access do you, the customer, have to that metadata?
IDS/IPS content matching can detect or block known malware attacks, virus signatures, and spam signatures, but are also subject to false positives. If the cloud provider provides IDS/IPS services, is there a documented exception process for allowing legitimate traffic that has content similar to malware attacks or spam?
Security and authentication technologies, allied to event logging, in the cloud computing environment can help auditors as they deal with issues related to workflow were those who entered, approved, changed or otherwise touched data authorized to do so, on an individual, group or role-related basis?
As a CSP undertakes to build out or take a fresh look at its service offerings, the CSP should clearly define its business strategy and related risk management philosophy. What market segments or industries does the CSP intend to serve?
How do you know that a breach has occurred, how do you ensure that the CSP notifies you when a breach occurs, and who is responsible for managing the breach notification process (and costs associated with the process)?
An extra consideration when using cloud services concerns the handling of encryption keys – where are the keys stored and how are they made available to application code that needs to decrypt the data for processing?
Another critical success factor is that appropriate governance needs to be in place. That is, is an appropriate organizational structure in place to manage the organization facing the cloud computing solution?
The Self Assessment tool is built in MS Excel. The above preview showcases an example of a completed version. The secondary document includes a blank template, as well as a detailed 140+ page PDF guide. The guide provides a convenient way to distribute and share among the participants to prepare and discuss the Self Assessment.
Got a question about the product? Email us at [email protected] or ask the author directly by using the "Ask the Author a Question" form. If you cannot view the preview above this document description, go here to view the large preview instead.
Source: Best Practices in Cloud Excel: Assessment Dashboard - Cloud Security and Risk Standards Excel (XLSX) Spreadsheet, Gerard Blokdijk
ABOUT THE AUTHOR: GERARD BLOKDIJK
Gerard is the CEO at The Art of Service. He has been providing information technology insights, talks, tools and products to organizations in a wide range of industries for over 25 years. Gerard is a widely recognized and respected information expert. Gerard founded The Art of Service consulting business in 2000. Gerard has authored numerous published books to date.
Gerard Blokdijk has published 305 additional documents on Flevy.
File Size: 473.3 KB
Related Topic(s): Cloud
This business document is categorized under the function(s): Information Technology Governance, Risk, & Compliance
It applies to All Industries
Purchase includes lifetime product updates. After your purchase, you will receive an email to download this document.
This product contains a supplemental ZIP document.
Initial upload date (first version): Oct 26, 2017
Most recent version published: Oct 30, 2017
|Download our free compilation of 50+ Strategy & Transformation slides and templates. Frameworks include McKinsey 7-S Strategy Model, Balanced Scorecard, Disruptive Innovation, BCG Experience Curve, and many more. To receive this free download, enter your email address below and click the "Email Me" button.|
"FlevyPro has been a brilliant resource for me, as an independent growth consultant, to access a vast knowledge bank of presentations to support my work with clients. In terms of RoI, the value I received from the very first presentation I downloaded paid for my subscription many times over! The quality of the decks available allows me to punch way above my weight – it's like having the resources of a Big 4 consultancy at your fingertips at a microscopic fraction of the overhead."
– Roderick Cameron, Founding Partner at SGFE Ltd
"Flevy is our 'go to' resource for management material, at an affordable cost. The Flevy library is comprehensive and the content deep, and typically provides a great foundation for us to further develop and tailor our own service offer."
– Chris McCann, Founder at Resilient.World
"As a small business owner, the resource material available from FlevyPro has proven to be invaluable. The ability to search for material on demand based our project events and client requirements was great for me and proved very beneficial to my clients. Importantly, being able to easily edit and tailor the material for specific purposes helped us to make presentations, knowledge sharing, and toolkit development, which formed part of the overall program collateral. While FlevyPro contains resource material that any consultancy, project or delivery firm must have, it is an essential part of a small firm or independent consultant's toolbox."
– Michael Duff, Managing Director at Change Strategy (UK)
"FlevyPro provides business frameworks from many of the global giants in management consulting that allow you to provide best in class solutions for your clients."
– David Harris, Managing Director at Futures Strategy
"As a consultant requiring up to date and professional material that will be of value and use to my clients, I find Flevy a very reliable resource.
The variety and quality of material available through Flevy offers a very useful and commanding source for information. Using Flevy saves me time, enhances my expertise and ends up being a good decision."
– Dennis Gershowitz, Principal at DG Associates
"If you are looking for great resources to save time with your business presentations, Flevy is truly a value-added resource. Flevy has done all the work for you and we will continue to utilize Flevy as a source to extract up-to-date information and data for our virtual and onsite presentations!"
– Debbi Saffo, President at The NiKhar Group
"As an Independent Management Consultant, I find Flevy to add great value as a source of best practices, templates and information on new trends. Flevy has matured and the quality and quantity of the library is excellent. Lastly the price charged is reasonable, creating a win-win value for the customer, Flevy and the various authors. This is truly a service that benefits the consulting industry and associated clients. Thanks for providing this service. "
– Jim Schoen, Principal at FRC Group
"I have used Flevy services for a number of years and have never, ever been disappointed. As a matter of fact, David and his team continue, time after time, to impress me with their willingness to assist and in the real sense of the word. I have concluded in fact that it is not at all just a repository of documents/resources but, in the way that David and his team manage the firm, it is like dealing with consultants always ready to assist, advise and direct you to what you really need, and they always get it right.
I am an international hospitality accomplished senior executive who has worked and lived during the past 35 years in 23 countries in 5 continents and I can humbly say that I know what customer service is, trust me.
Aside from the great and professional service that Flevy's team provide, their wide variety of material is of utmost great quality, professionally put together and most current.
Well done Flevy, keep up the great work and I look forward to continue working with you in the future and to recommend you to a variety of colleagues around the world."
– Roberto Pelliccia, Senior Executive in International Hospitality
Do You Want to Get Lean?We've assembled 40 Lean Six Sigma guides: Lean Management, Six Sigma, Strategy Planning, Process, and Change Management.
Waste Too Much Time on PowerPoint?Get our FREE PowerPoint Plugin (Flevy Tools) for creating common business diagrams, from Gantt Charts to Harvey Balls.
Do You Run a Consulting Firm?Learn how to level the playing field with global consulting firms, like McKinsey, BCG, Bain, E&Y, and Accenture.
Need Help with PowerPoint or Excel?Have our highly trained staff create the exact documents you need. We offer PowerPoint and Excel document creation services.
FlevyPro (Subscription Service)
Flevy Executive Learning (FEL)
LinkedIn Influencer Marketing
Contact / FAQ / Terms / Privacy
flevyblog (Business Magazine)
Strategy, Marketing, & Sales
Organization, Change, & HR
Health & Safety
Governance, Risk, & Compliance
Customer-centric Design (CCD)
Human Resource Management
Blue Ocean Strategy
COVID-19 Trend Data
Consulting Training Guides
Organizational Culture (OC)
Organizational Design (OD)
Organizational Leadership (OL)
Financial Advising Services (FAS)
Flevy Tools (PowerPoint Plugin)
Lean Six Sigma Training Guides
Post-merger Integration (PMI)
Supply Chain Management (SCM)
Small Business Owner
© 2012-2023 Copyright. Flevy LLC. All Rights Reserved.